mirror of
https://github.com/slawkens/myaac.git
synced 2025-10-19 12:13:25 +02:00
[WIP] Account Lost refactor
This commit is contained in:
slawkens
57
system/pages/account/lost/check-code.php
Normal file
57
system/pages/account/lost/check-code.php
Normal file
@@ -0,0 +1,57 @@
|
||||
<?php
|
||||
$code = isset($_REQUEST['code']) ? trim($_REQUEST['code']) : '';
|
||||
$character = isset($_REQUEST['character']) ? stripslashes(trim($_REQUEST['character'])) : '';
|
||||
|
||||
if(empty($code) || empty($character))
|
||||
$twig->display('account.lost.check-code.html.twig', [
|
||||
'code' => $code,
|
||||
'characters' => $character,
|
||||
]);
|
||||
else
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($character);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded()) {
|
||||
if($account->getCustomField('email_code') == $code) {
|
||||
echo '
|
||||
Please enter new password to your account and repeat to make sure you remember password.<BR>
|
||||
<FORM ACTION="' . getLink('account/lost') . '?action=setnewpassword" METHOD=post>
|
||||
<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
|
||||
<INPUT TYPE=hidden NAME="code" VALUE="'.$code.'">
|
||||
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Passwords</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
New password: <INPUT TYPE=password ID="passor" NAME="passor" VALUE="" SIZE="40"><BR />
|
||||
Repeat new password: <INPUT TYPE=password ID="passor2" NAME="passor2" VALUE="" SIZE="40"><BR />
|
||||
</TD></TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
' . $twig->render('buttons.submit.html.twig') . '</div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
else {
|
||||
$error = 'Wrong code to change password.';
|
||||
}
|
||||
}
|
||||
else {
|
||||
$error = "Account of this character or this character doesn't exist.";
|
||||
}
|
||||
}
|
||||
|
||||
if(!empty($error)) {
|
||||
$twig->display('error_box.html.twig', [
|
||||
'errors' => [$error],
|
||||
]);
|
||||
|
||||
echo '<br/>';
|
||||
|
||||
$twig->display('account.lost.check-code.html.twig', [
|
||||
|
||||
]);
|
||||
}
|
||||
56
system/pages/account/lost/send-code.php
Normal file
56
system/pages/account/lost/send-code.php
Normal file
@@ -0,0 +1,56 @@
|
||||
<?php
|
||||
|
||||
$email = $_REQUEST['email'];
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded()) {
|
||||
if($account->getCustomField('email_next') < time()) {
|
||||
if($account->getEMail() == $email) {
|
||||
$newCode = generateRandomString(30, true, false, true);
|
||||
$mailBody = $twig->render('mail.account.lost.code.html.twig', [
|
||||
'newCode' => $newCode,
|
||||
'account' => $account,
|
||||
'nick' => $nick,
|
||||
]);
|
||||
|
||||
$accountEMail = $account->getCustomField('email');
|
||||
if(_mail($accountEMail, configLua('serverName') . ' - Recover your account', $mailBody)) {
|
||||
$account->setCustomField('email_code', $newCode);
|
||||
$account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval')));
|
||||
|
||||
echo '<br />Details about steps required to recover your account has been sent to <b>' . $accountEMail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.';
|
||||
}
|
||||
else {
|
||||
$account->setCustomField('email_next', (time() + 60));
|
||||
error('An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log</p>');
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo 'Invalid e-mail to account of character <b>' . htmlspecialchars($nick) . '</b>. Try again.';
|
||||
}
|
||||
}
|
||||
else {
|
||||
$insec = (int)$account->getCustomField('email_next') - time();
|
||||
$minutesleft = floor($insec / 60);
|
||||
$secondsleft = $insec - ($minutesleft * 60);
|
||||
$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
|
||||
|
||||
echo 'Account of selected character (<b>' . htmlspecialchars($nick) . '</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60) . ' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist.";
|
||||
}
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost') . '?action=step1&action_type=email&nick=' . urlencode($nick),
|
||||
]);
|
||||
81
system/pages/account/lost/set-new-password.php
Normal file
81
system/pages/account/lost/set-new-password.php
Normal file
@@ -0,0 +1,81 @@
|
||||
<?php
|
||||
$newPassword = $_REQUEST['passor'];
|
||||
$code = $_REQUEST['code'];
|
||||
$character = stripslashes($_REQUEST['character']);
|
||||
|
||||
if(empty($code) || empty($character) || empty($newPassword)) {
|
||||
echo '<span style="color: red"><b>Error. Try again.</b></span><br/>Please enter code from e-mail and name of one character from account. Then press Submit.<br>';
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost') . '?action=check-code',
|
||||
]);
|
||||
}
|
||||
else
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($character);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded())
|
||||
{
|
||||
if($account->getCustomField('email_code') == $code)
|
||||
{
|
||||
if(Validator::password($newPassword))
|
||||
{
|
||||
$tmp_new_pass = $newPassword;
|
||||
if(USE_ACCOUNT_SALT)
|
||||
{
|
||||
$salt = generateRandomString(10, false, true, true);
|
||||
$tmp_new_pass = $salt . $newPassword;
|
||||
$account->setCustomField('salt', $salt);
|
||||
}
|
||||
|
||||
$account->setPassword(encrypt($tmp_new_pass));
|
||||
$account->save();
|
||||
$account->setCustomField('email_code', '');
|
||||
|
||||
$mailBody = $twig->render('mail.account.lost.new-password.html.twig', [
|
||||
'account' => $account,
|
||||
'newPassword' => $newPassword,
|
||||
]);
|
||||
|
||||
$statusMsg = '';
|
||||
if(_mail($account->getCustomField('email'), configLua('serverName') . ' - Your new password', $mailBody)) {
|
||||
$statusMsg = '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!';
|
||||
}
|
||||
else {
|
||||
$statusMsg = '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
|
||||
}
|
||||
|
||||
$twig->display('account.lost.finish.new-password.html.twig', [
|
||||
'statusMsg' => $statusMsg,
|
||||
'newPassword' => $newPassword,
|
||||
]);
|
||||
}
|
||||
else
|
||||
$error= Validator::getLastError();
|
||||
}
|
||||
else
|
||||
$error= 'Wrong code to change password.';
|
||||
}
|
||||
else
|
||||
$error = 'Account of this character or this character doesn\'t exist.';
|
||||
}
|
||||
|
||||
if(!empty($error)) {
|
||||
$twig->display('error_box.html.twig', [
|
||||
'errors' => [$error],
|
||||
]);
|
||||
|
||||
echo '<br/>';
|
||||
|
||||
$twig->display('account.lost.check-code.html.twig', [
|
||||
'code' => $code,
|
||||
'character' => $character,
|
||||
]);
|
||||
}
|
||||
36
system/pages/account/lost/step1-email.php
Normal file
36
system/pages/account/lost/step1-email.php
Normal file
@@ -0,0 +1,36 @@
|
||||
<?php
|
||||
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded()) {
|
||||
if($account->getCustomField('email_next') < time()) {
|
||||
$twig->display('account.lost.step1-email.html.twig', [
|
||||
'nick' => $nick,
|
||||
]);
|
||||
}
|
||||
else
|
||||
{
|
||||
$insec = (int)$account->getCustomField('email_next') - time();
|
||||
$minutesleft = floor($insec / 60);
|
||||
$secondsleft = $insec - ($minutesleft * 60);
|
||||
$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
|
||||
|
||||
echo 'Account of selected character (<b>'.$nick.'</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist.";
|
||||
}
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost'),
|
||||
]);
|
||||
39
system/pages/account/lost/step1-reckey.php
Normal file
39
system/pages/account/lost/step1-reckey.php
Normal file
@@ -0,0 +1,39 @@
|
||||
<?php
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded())
|
||||
$account = $player->getAccount();
|
||||
if($account->isLoaded())
|
||||
{
|
||||
$account_key = $account->getCustomField('key');
|
||||
if(!empty($account_key))
|
||||
{
|
||||
echo 'If you enter right recovery key you will see form to set new e-mail and password to account. To this e-mail will be send your new password and account name.<BR>
|
||||
<FORM ACTION="' . getLink('account/lost') . '?action=step2" METHOD=post>
|
||||
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter your recovery key</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
Character name: <INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR />
|
||||
Recovery key: <INPUT TYPE=text NAME="key" VALUE="" SIZE="40"><BR>
|
||||
</TD></TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
' . $twig->render('buttons.submit.html.twig') . '</div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
else
|
||||
echo 'Account of this character has no recovery key!';
|
||||
}
|
||||
else {
|
||||
echo 'Player or account of player <b>' . htmlspecialchars($nick) . '</b> doesn\'t exist.';
|
||||
}
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost'),
|
||||
]);
|
||||
37
system/pages/account/lost/step2.php
Normal file
37
system/pages/account/lost/step2.php
Normal file
@@ -0,0 +1,37 @@
|
||||
<?php
|
||||
|
||||
$recKey = trim($_REQUEST['key']);
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded()) {
|
||||
$accountKey = $account->getCustomField('key');
|
||||
if(!empty($accountKey)) {
|
||||
if($accountKey == $recKey) {
|
||||
$twig->display('account.lost.step2.html.twig', [
|
||||
'nick' => $nick,
|
||||
'recKey' => $recKey,
|
||||
]);
|
||||
}
|
||||
else {
|
||||
echo 'Wrong recovery key!';
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo 'Account of this character has no recovery key!';
|
||||
}
|
||||
}
|
||||
else
|
||||
echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist.";
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost') . '?action=step1&action_type=reckey&nick=' . urlencode($nick),
|
||||
]);
|
||||
87
system/pages/account/lost/step3.php
Normal file
87
system/pages/account/lost/step3.php
Normal file
@@ -0,0 +1,87 @@
|
||||
<?php
|
||||
$recKey = trim($_REQUEST['key']);
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
$newPassword = trim($_REQUEST['passor']);
|
||||
$newEmail = trim($_REQUEST['email']);
|
||||
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded())
|
||||
{
|
||||
$accountKey = $account->getCustomField('key');
|
||||
if(!empty($accountKey)) {
|
||||
if($accountKey == $recKey) {
|
||||
if(Validator::password($newPassword)) {
|
||||
if(Validator::email($newEmail)) {
|
||||
$account->setEMail($newEmail);
|
||||
|
||||
$tmp_new_pass = $newPassword;
|
||||
if(USE_ACCOUNT_SALT)
|
||||
{
|
||||
$salt = generateRandomString(10, false, true, true);
|
||||
$tmp_new_pass = $salt . $newPassword;
|
||||
}
|
||||
|
||||
$account->setPassword(encrypt($tmp_new_pass));
|
||||
$account->save();
|
||||
|
||||
if(USE_ACCOUNT_SALT) {
|
||||
$account->setCustomField('salt', $salt);
|
||||
}
|
||||
|
||||
$statusMsg = '';
|
||||
if($account->getCustomField('email_next') < time()) {
|
||||
$mailBody = $twig->render('mail.account.lost.new-email.html.twig', [
|
||||
'account' => $account,
|
||||
'newPassword' => $newPassword,
|
||||
'newEmail' => $newEmail,
|
||||
]);
|
||||
|
||||
if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - New password to your account", $mailBody)) {
|
||||
$statusMsg = '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>';
|
||||
}
|
||||
else {
|
||||
$statusMsg = '<br /><p class="error">An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log</p>';
|
||||
}
|
||||
}
|
||||
else {
|
||||
$statusMsg = '<br /><small>You will not receive e-mail with this informations.</small>';
|
||||
}
|
||||
|
||||
$twig->display('account.lost.finish.new-email.html.twig', [
|
||||
'statusMsg' => $statusMsg,
|
||||
'account' => $account,
|
||||
'newPassword' => $newPassword,
|
||||
'newEmail' => $newEmail,
|
||||
]);
|
||||
}
|
||||
else {
|
||||
echo Validator::getLastError();
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo Validator::getLastError();
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo 'Wrong recovery key!';
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo 'Account of this character has no recovery key!';
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist.";
|
||||
}
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost') . '?action=step1&action_type=reckey&nick=' . urlencode($nick),
|
||||
]);
|
||||
Reference in New Issue
Block a user